Configuration Examples for Kerberos
end
chet-2500#
The following example shows output from the three types of sessions now possible for user chet with Kerberos
instances turned on:
chet-ss20% telnet chet-2500
Trying 172.16.0.0 ...
Connected to chet-2500.cisco.com.
Escape character is '^]'.
User Access Verification
Username: chet
Password:
chet-2500> show kerberos creds
Default Principal:
Valid Starting
13-May-1996 14:58:28
chet-2500> show privilege
Current privilege level is 1
chet-2500> q
Connection closed by foreign host.
chet-ss20% telnet chet-2500
Trying 172.16.0.0 ...
Connected to chet-2500.cisco.com.
Escape character is '^]'.
User Access Verification
Username: chet/admin
Password:
chet-2500# show kerberos creds
Default Principal:
Valid Starting
13-May-1996 14:59:44
chet-2500# show privilege
Current privilege level is 15
chet-2500# q
Connection closed by foreign host.
chet-ss20% telnet chet-2500
Trying 172.16.0.0 ...
Connected to chet-2500.cisco.com.
Escape character is '^]'.
User Access Verification
Username: chet/restricted
Password:
chet-2500# show kerberos creds
Default Principal:
Valid Starting
13-May-1996 15:00:32
chet-2500# show privilege
Current privilege level is 3
chet-2500# q
Connection closed by foreign host.
chet-ss20%
Example: Encrypting a Telnet Session
The following example shows how to establish an encrypted Telnet session from a device to a remote host
named "host1":
Device>
telnet host1 /encrypt kerberos
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1000
chet@CISCO.COM
Expires
13-May-1996 22:59:29
chet/admin@CISCO.COM
Expires
13-May-1996 23:00:45
chet/restricted@CISCO.COM
Expires
13-May-1996 23:01:33
Service Principal
krbtgt/CISCO.COM@CISCO.COM
Service Principal
krbtgt/CISCO.COM@CISCO.COM
Service Principal
krbtgt/CISCO.COM@CISCO.COM